Exploring the emerging threat of ‘disruptionware’

Published: Friday, 27 September 2019 07:48

The Institute for Critical Infrastructure Technology (ICIT) has published a new paper ‘The Rise of Disruptionware: A Cyber-Physical Threat to Operational Technology Environments’, which explores the impacts of ‘disruptionware’.

The paper says that disruptionware is ‘an alarming trend which sees adversaries disrupting business continuity and introducing severe risk into OT environments through the use of malware that can degrade or halt manufacturing processes, damage reputations, extort money from victims, or accomplish other targeted outcomes’.

Disruptionware is an emerging category of malware designed to suspend operations within a victim organization. With recent ransomware incidents (currently the world’s most common disruptionware component) highlighting the harm disruptionware attacks can cause to unprepared organizations, it is critical that business and technology leaders immediately understand this threat and develop risk mitigation plans to protect themselves.

The paper was written in partnership with Forescout Technologies and authored by Parham Eftekhari, Executive Director, ICIT and Ryan Brichant, ICIT Fellow & VP, CTO Critical Infrastructure and OT Security, Forescout.

“Ensuring business continuity has always been a top priority for business and technology leaders overseeing our manufacturing, utilities, and other OT heavy environments,” said Eftekhari. “The intent behind this paper was to create awareness around how disruptionware is being used to degrade or halt business operations and offer recommendations on steps organizations can take to improve resiliency.”

The paper includes a definition of disruptionware, factors contributing to the risk that disruptionware poses to manufacturing and other OT environments, high-level case studies of recent incidents such as the LockerGoga ransomware attack, steps organizations can take to minimize the risk disruptionware poses to their systems, and links to publicly available resources.

Obtain the paper.